Message ID | c5b6c3b7824d620b341c72c8d5dde5f5fce17dec.1693228255.git.simone.ballarin@bugseng.com (mailing list archive) |
---|---|
State | Superseded |
Headers | show |
Series | address violations of MISRA C:2012 Directive 4.10 | expand |
On Mon, 28 Aug 2023, Simone Ballarin wrote: > Add or move inclusion guards to address violations of > MISRA C:2012 Directive 4.10 ("Precautions shall be taken in order > to prevent the contents of a header file being included more than > once"). > > Inclusion guards must appear at the beginning of the headers > (comments are permitted anywhere). > > The text of the beggining comment of cpufeatures.h has been changed > to match the deviation in automation/eclair_analysis/ECLAIR/deviations.ecl, > moreover this new formulation is already used in other files. I don't think it is a good idea to do this kind of textual matching. Instead we should use the format introduced by safe.json, e.g. SAF-1-safe > Mechanical change. > > Signed-off-by: Simone Ballarin <simone.ballarin@bugseng.com> > --- > xen/arch/x86/include/asm/compat.h | 5 +++++ > xen/arch/x86/include/asm/cpufeatures.h | 4 +--- > xen/arch/x86/include/asm/efibind.h | 5 +++++ > xen/arch/x86/include/asm/hypercall.h | 6 +++--- > 4 files changed, 14 insertions(+), 6 deletions(-) > > diff --git a/xen/arch/x86/include/asm/compat.h b/xen/arch/x86/include/asm/compat.h > index 818cad87db..3d3891d061 100644 > --- a/xen/arch/x86/include/asm/compat.h > +++ b/xen/arch/x86/include/asm/compat.h > @@ -2,6 +2,9 @@ > * compat.h > */ > > +#ifndef __ASM_X86_COMPAT_H__ > +#define __ASM_X86_COMPAT_H__ > + > #ifdef CONFIG_COMPAT > > #define COMPAT_BITS_PER_LONG 32 > @@ -18,3 +21,5 @@ int switch_compat(struct domain *); > #include <xen/errno.h> > static inline int switch_compat(struct domain *d) { return -EOPNOTSUPP; } > #endif > + > +#endif /* __ASM_X86_COMPAT_H__ */ > diff --git a/xen/arch/x86/include/asm/cpufeatures.h b/xen/arch/x86/include/asm/cpufeatures.h > index da0593de85..1dfdd478ab 100644 > --- a/xen/arch/x86/include/asm/cpufeatures.h > +++ b/xen/arch/x86/include/asm/cpufeatures.h > @@ -1,6 +1,4 @@ > -/* > - * Explicitly intended for multiple inclusion. > - */ > +/* This file is legitimately included multiple times */ > > #include <xen/lib/x86/cpuid-autogen.h> > > diff --git a/xen/arch/x86/include/asm/efibind.h b/xen/arch/x86/include/asm/efibind.h > index bce02f3707..f2eb8b5496 100644 > --- a/xen/arch/x86/include/asm/efibind.h > +++ b/xen/arch/x86/include/asm/efibind.h > @@ -1,2 +1,7 @@ > +#ifndef __ASM_X86_EFIBIND_H__ > +#define __ASM_X86_EFIBIND_H__ > + > #include <xen/types.h> > #include <asm/x86_64/efibind.h> > + > +#endif /* __ASM_X86_EFIBIND_H__ */ > diff --git a/xen/arch/x86/include/asm/hypercall.h b/xen/arch/x86/include/asm/hypercall.h > index ec2edc771e..2ade5d71b8 100644 > --- a/xen/arch/x86/include/asm/hypercall.h > +++ b/xen/arch/x86/include/asm/hypercall.h > @@ -2,13 +2,13 @@ > * asm-x86/hypercall.h > */ > > +#ifndef __ASM_X86_HYPERCALL_H__ > +#define __ASM_X86_HYPERCALL_H__ > + > #ifndef __XEN_HYPERCALL_H__ > #error "asm/hypercall.h should not be included directly - include xen/hypercall.h instead" > #endif > > -#ifndef __ASM_X86_HYPERCALL_H__ > -#define __ASM_X86_HYPERCALL_H__ > - > #include <xen/types.h> > #include <public/physdev.h> > #include <public/event_channel.h> > -- > 2.34.1 >
On 28.08.2023 15:20, Simone Ballarin wrote: > --- a/xen/arch/x86/include/asm/hypercall.h > +++ b/xen/arch/x86/include/asm/hypercall.h > @@ -2,13 +2,13 @@ > * asm-x86/hypercall.h > */ > > +#ifndef __ASM_X86_HYPERCALL_H__ > +#define __ASM_X86_HYPERCALL_H__ > + > #ifndef __XEN_HYPERCALL_H__ > #error "asm/hypercall.h should not be included directly - include xen/hypercall.h instead" > #endif > > -#ifndef __ASM_X86_HYPERCALL_H__ > -#define __ASM_X86_HYPERCALL_H__ > - > #include <xen/types.h> > #include <public/physdev.h> > #include <public/event_channel.h> See Julien's comment on the similar Arm change. Jan
On 29/08/23 00:30, Stefano Stabellini wrote: > On Mon, 28 Aug 2023, Simone Ballarin wrote: >> Add or move inclusion guards to address violations of >> MISRA C:2012 Directive 4.10 ("Precautions shall be taken in order >> to prevent the contents of a header file being included more than >> once"). >> >> Inclusion guards must appear at the beginning of the headers >> (comments are permitted anywhere). >> >> The text of the beggining comment of cpufeatures.h has been changed >> to match the deviation in automation/eclair_analysis/ECLAIR/deviations.ecl, >> moreover this new formulation is already used in other files. > > I don't think it is a good idea to do this kind of textual matching. > Instead we should use the format introduced by safe.json, e.g. > SAF-1-safe > I agree. I will use a comment-based deviation. > >> Mechanical change. >> >> Signed-off-by: Simone Ballarin <simone.ballarin@bugseng.com> >> --- >> xen/arch/x86/include/asm/compat.h | 5 +++++ >> xen/arch/x86/include/asm/cpufeatures.h | 4 +--- >> xen/arch/x86/include/asm/efibind.h | 5 +++++ >> xen/arch/x86/include/asm/hypercall.h | 6 +++--- >> 4 files changed, 14 insertions(+), 6 deletions(-) >> >> diff --git a/xen/arch/x86/include/asm/compat.h b/xen/arch/x86/include/asm/compat.h >> index 818cad87db..3d3891d061 100644 >> --- a/xen/arch/x86/include/asm/compat.h >> +++ b/xen/arch/x86/include/asm/compat.h >> @@ -2,6 +2,9 @@ >> * compat.h >> */ >> >> +#ifndef __ASM_X86_COMPAT_H__ >> +#define __ASM_X86_COMPAT_H__ >> + >> #ifdef CONFIG_COMPAT >> >> #define COMPAT_BITS_PER_LONG 32 >> @@ -18,3 +21,5 @@ int switch_compat(struct domain *); >> #include <xen/errno.h> >> static inline int switch_compat(struct domain *d) { return -EOPNOTSUPP; } >> #endif >> + >> +#endif /* __ASM_X86_COMPAT_H__ */ >> diff --git a/xen/arch/x86/include/asm/cpufeatures.h b/xen/arch/x86/include/asm/cpufeatures.h >> index da0593de85..1dfdd478ab 100644 >> --- a/xen/arch/x86/include/asm/cpufeatures.h >> +++ b/xen/arch/x86/include/asm/cpufeatures.h >> @@ -1,6 +1,4 @@ >> -/* >> - * Explicitly intended for multiple inclusion. >> - */ >> +/* This file is legitimately included multiple times */ >> >> #include <xen/lib/x86/cpuid-autogen.h> >> >> diff --git a/xen/arch/x86/include/asm/efibind.h b/xen/arch/x86/include/asm/efibind.h >> index bce02f3707..f2eb8b5496 100644 >> --- a/xen/arch/x86/include/asm/efibind.h >> +++ b/xen/arch/x86/include/asm/efibind.h >> @@ -1,2 +1,7 @@ >> +#ifndef __ASM_X86_EFIBIND_H__ >> +#define __ASM_X86_EFIBIND_H__ >> + >> #include <xen/types.h> >> #include <asm/x86_64/efibind.h> >> + >> +#endif /* __ASM_X86_EFIBIND_H__ */ >> diff --git a/xen/arch/x86/include/asm/hypercall.h b/xen/arch/x86/include/asm/hypercall.h >> index ec2edc771e..2ade5d71b8 100644 >> --- a/xen/arch/x86/include/asm/hypercall.h >> +++ b/xen/arch/x86/include/asm/hypercall.h >> @@ -2,13 +2,13 @@ >> * asm-x86/hypercall.h >> */ >> >> +#ifndef __ASM_X86_HYPERCALL_H__ >> +#define __ASM_X86_HYPERCALL_H__ >> + >> #ifndef __XEN_HYPERCALL_H__ >> #error "asm/hypercall.h should not be included directly - include xen/hypercall.h instead" >> #endif >> >> -#ifndef __ASM_X86_HYPERCALL_H__ >> -#define __ASM_X86_HYPERCALL_H__ >> - >> #include <xen/types.h> >> #include <public/physdev.h> >> #include <public/event_channel.h> >> -- >> 2.34.1 >>
diff --git a/xen/arch/x86/include/asm/compat.h b/xen/arch/x86/include/asm/compat.h index 818cad87db..3d3891d061 100644 --- a/xen/arch/x86/include/asm/compat.h +++ b/xen/arch/x86/include/asm/compat.h @@ -2,6 +2,9 @@ * compat.h */ +#ifndef __ASM_X86_COMPAT_H__ +#define __ASM_X86_COMPAT_H__ + #ifdef CONFIG_COMPAT #define COMPAT_BITS_PER_LONG 32 @@ -18,3 +21,5 @@ int switch_compat(struct domain *); #include <xen/errno.h> static inline int switch_compat(struct domain *d) { return -EOPNOTSUPP; } #endif + +#endif /* __ASM_X86_COMPAT_H__ */ diff --git a/xen/arch/x86/include/asm/cpufeatures.h b/xen/arch/x86/include/asm/cpufeatures.h index da0593de85..1dfdd478ab 100644 --- a/xen/arch/x86/include/asm/cpufeatures.h +++ b/xen/arch/x86/include/asm/cpufeatures.h @@ -1,6 +1,4 @@ -/* - * Explicitly intended for multiple inclusion. - */ +/* This file is legitimately included multiple times */ #include <xen/lib/x86/cpuid-autogen.h> diff --git a/xen/arch/x86/include/asm/efibind.h b/xen/arch/x86/include/asm/efibind.h index bce02f3707..f2eb8b5496 100644 --- a/xen/arch/x86/include/asm/efibind.h +++ b/xen/arch/x86/include/asm/efibind.h @@ -1,2 +1,7 @@ +#ifndef __ASM_X86_EFIBIND_H__ +#define __ASM_X86_EFIBIND_H__ + #include <xen/types.h> #include <asm/x86_64/efibind.h> + +#endif /* __ASM_X86_EFIBIND_H__ */ diff --git a/xen/arch/x86/include/asm/hypercall.h b/xen/arch/x86/include/asm/hypercall.h index ec2edc771e..2ade5d71b8 100644 --- a/xen/arch/x86/include/asm/hypercall.h +++ b/xen/arch/x86/include/asm/hypercall.h @@ -2,13 +2,13 @@ * asm-x86/hypercall.h */ +#ifndef __ASM_X86_HYPERCALL_H__ +#define __ASM_X86_HYPERCALL_H__ + #ifndef __XEN_HYPERCALL_H__ #error "asm/hypercall.h should not be included directly - include xen/hypercall.h instead" #endif -#ifndef __ASM_X86_HYPERCALL_H__ -#define __ASM_X86_HYPERCALL_H__ - #include <xen/types.h> #include <public/physdev.h> #include <public/event_channel.h>
Add or move inclusion guards to address violations of MISRA C:2012 Directive 4.10 ("Precautions shall be taken in order to prevent the contents of a header file being included more than once"). Inclusion guards must appear at the beginning of the headers (comments are permitted anywhere). The text of the beggining comment of cpufeatures.h has been changed to match the deviation in automation/eclair_analysis/ECLAIR/deviations.ecl, moreover this new formulation is already used in other files. Mechanical change. Signed-off-by: Simone Ballarin <simone.ballarin@bugseng.com> --- xen/arch/x86/include/asm/compat.h | 5 +++++ xen/arch/x86/include/asm/cpufeatures.h | 4 +--- xen/arch/x86/include/asm/efibind.h | 5 +++++ xen/arch/x86/include/asm/hypercall.h | 6 +++--- 4 files changed, 14 insertions(+), 6 deletions(-)